package com.manlost.web.controller.login;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;

import com.manlost.biz.ManlostServiceLocator;
import com.manlost.biz.account.AccountService;
import com.manlost.biz.account.model.dataobject.Account;
import com.manlost.web.common.Result;
import com.manlost.web.common.ResultBuilder;
import com.manlost.web.common.cookie.ManLostCookieSystemUtils;

/**
 * 标准登录 (welcome to manlost world!)
 * 
 * @author kang.zhouk
 * 
 */
@Controller
public class StandardLoginAction {

	private AccountService accountService = ManlostServiceLocator.getAccountService();
			
	private static final String LOGIN_REQUEST_PARAM_PASSPORT = "passport";
	private static final String LOGIN_REQUEST_PARAM_PASSWORD = "password";
	private static final String LOGIN_REQUEST_PARAM_REMEMBER = "remember";
	
	/**
	 * 页面登录
	 */
	@RequestMapping(value = "/login_action.htm", method = {RequestMethod.POST, RequestMethod.GET})
	ModelAndView doLoginCore(HttpServletRequest request, HttpServletResponse response) {
		if(!processLogin(request,response).isSuccessFlag()){
			return null;
		}
		
		// 重定向需要重写 TODO
		String returnUrl = "http://localhost:9090/manlost/index.htm";
		return new ModelAndView("redirect:" + returnUrl);
	}
	
	/**
	 * 弹出框登录
	 */
	@RequestMapping(value = "/login_ajax.htm", method = {RequestMethod.POST, RequestMethod.GET})
	@ResponseBody
	public Map<String, Object> ajaxLoginCore(HttpServletRequest request, HttpServletResponse response) {
		Map<String,Object> result = new HashMap<String,Object>();
		result.put("result",processLogin(request,response));
		return result;
	}
	
	private Result processLogin(HttpServletRequest request, HttpServletResponse response){
		String passport = request.getParameter(LOGIN_REQUEST_PARAM_PASSPORT);
		String password = request.getParameter(LOGIN_REQUEST_PARAM_PASSWORD);
		String remember = request.getParameter(LOGIN_REQUEST_PARAM_REMEMBER);
		
		// format input
		passport = StringUtils.trim(StringUtils.lowerCase(passport));
		password = StringUtils.trim(StringUtils.lowerCase(password));
		
		boolean isAutoSign = StringUtils.equals(remember, "on");
		
		if(StringUtils.isBlank(password) || StringUtils.isBlank(passport)) {
			return ResultBuilder.buildResult(false,"password is null!") ;
		}
		
		// 1.校验passport有效性
		Account account = accountService.findManLostUser(passport);
		if(null == account) {
			return ResultBuilder.buildResult(false,"not find!") ;
		}
		// 2.校验password有效性
		String dbPassword = account.getPassword();
		if (!StringUtils.equals(dbPassword, password)) {
			return ResultBuilder.buildResult(false,"password is error!") ;
		}

		// 3.写cookie
		ManLostCookieSystemUtils.setManLostCookieForLogin(request, account, isAutoSign);
		return ResultBuilder.buildResult(true) ;
	}
}
